search

fastify / fastify-passport

Use passport strategies for authentication within a fastify application
MIT License
260 stars 46 forks source link

What is the current state of testing on the package? #1231

Open U-4-E-A opened 3 weeks ago

U-4-E-A commented 3 weeks ago

Prerequisites

Issue

I downloaded a zip of the repo, installed dependencies and ran yarn test. A number of tests failed: -

yarn run v1.22.21
$ npm run build:test && npm run test:unit

> @fastify/passport@3.0.1 build:test
> tsc --project tsconfig.test.json

> @fastify/passport@3.0.1 test:unit
> borp --coverage

TypeScript compilation complete (2241ms)
ℹ TypeScript compilation complete (2242ms)
▶ @fastify/session tests
  ✔ should be able to unuse strategy (1.3279ms)
  ✔ should throw error if strategy has no name (0.2945ms)
  ✔ should catch synchronous strategy errors and fail authentication (52.4694ms)
  ✔ should catch asynchronous strategy errors and fail authentication (9.3376ms)
  ✔ should be able to fail with a failure flash message (9.9993ms)
  ✔ should be able to fail without a failure flash message (7.5908ms)
▶ @fastify/session tests (83.0275ms)
▶ @fastify/secure-session tests
  ✔ should be able to unuse strategy (0.1455ms)
  ✔ should throw error if strategy has no name (0.1036ms)
  ✔ should catch synchronous strategy errors and fail authentication (9.4844ms)
  ✔ should catch asynchronous strategy errors and fail authentication (12.4265ms)
  ✔ should be able to fail with a failure flash message (7.2641ms)
  ✔ should be able to fail without a failure flash message (7.2216ms)
▶ @fastify/secure-session tests (37.2364ms)
▶ @fastify/session tests
  ✔ should initiate oauth with the google strategy from npm (52.1992ms)
  ✔ should initiate oauth with the facebook strategy from npm (5.3088ms)
  ✔ should initiate oauth with the github strategy from npm (6.7302ms)
  ✔ should initiate oauth with the openid-client strategy from npm (11.3369ms)
▶ @fastify/session tests (77.4937ms)
▶ @fastify/secure-session tests
  ✔ should initiate oauth with the google strategy from npm (6.9028ms)
  ✔ should initiate oauth with the facebook strategy from npm (7.1428ms)
  ✔ should initiate oauth with the github strategy from npm (8.8693ms)
  ✔ should initiate oauth with the openid-client strategy from npm (7.0566ms)
▶ @fastify/secure-session tests (30.5285ms)
▶ SessionStrategy
  ✔ should throw an Error if no parameter was passed (2.2311ms)
  ✔ should throw an Error if no deserializeUser-function was passed as second parameter (0.1802ms)
  ✔ should throw an Error if no deserializeUser-function was passed as second parameter (0.1415ms)
  ✔ should not throw an Error if no deserializeUser-function was passed as first parameter (0.1966ms)
  ✔ should not throw an Error if no deserializeUser-function was passed as second parameter (0.1244ms)
▶ SessionStrategy (4.5554ms)
▶ @fastify/session tests
  ▶ Authenticator session serialization
    ✔ it should roundtrip a user (3.9399ms)
    ✔ should allow multiple user serializers and deserializers (71.9884ms)
    ✔ should allow user serializers/deserializers that work like a database (14.4518ms)
    ✔ should throw if user deserializers return undefined (16.5527ms)
    ✔ should deny access if user deserializers return null for logged in sessions (13.873ms)
  ▶ Authenticator session serialization (122.3479ms)
▶ @fastify/session tests (123.5905ms)
▶ @fastify/secure-session tests
  ▶ Authenticator session serialization
    ✔ it should roundtrip a user (0.3218ms)
    ✔ should allow multiple user serializers and deserializers (12.8452ms)
    ✔ should allow user serializers/deserializers that work like a database (5.4509ms)
    ✔ should throw if user deserializers return undefined (5.8473ms)
    ✔ should deny access if user deserializers return null for logged in sessions (7.6406ms)
  ▶ Authenticator session serialization (32.644ms)
▶ @fastify/secure-session tests (32.811ms)
▶ @fastify/session tests
  ▶ session isolation
    ✔ should return 401 Unauthorized if not logged in (41.148ms)
    ✔ logging in one user shouldn't log in the others (11.9349ms)
    ✔ logging in each user should keep their sessions independent (9.8399ms)
    ✔ logging out one user shouldn't log out the others (10.7864ms)
    ✔ force logging in users shouldn't change the login state of the others (2.8997ms)
    ✔ should regenerate session on login (3.263ms)
  ▶ session isolation (81.1376ms)
▶ @fastify/session tests (82.312ms)
▶ @fastify/secure-session tests
  ▶ session isolation
    ✔ should return 401 Unauthorized if not logged in (17.8548ms)
    ✔ logging in one user shouldn't log in the others (6.2219ms)
    ✔ logging in each user should keep their sessions independent (3.398ms)
    ✔ logging out one user shouldn't log out the others (5.4625ms)
    ✔ force logging in users shouldn't change the login state of the others (2.9028ms)
    ﹣ should regenerate session on login (0.1634ms) # SKIP
  ▶ session isolation (36.643ms)
▶ @fastify/secure-session tests (36.8144ms)
▶ SecureSessionManager
  ✔ should throw an Error if no parameter was passed (1.8373ms)
  ✔ should throw an Error if no serializeUser-function was passed as second parameter (0.2342ms)
  ✔ should throw an Error if no serializeUser-function was passed as second parameter (0.1825ms)
  ✔ should not throw an Error if no serializeUser-function was passed as first parameter (0.1592ms)
  ✔ should not throw an Error if no serializeUser-function was passed as second parameter (0.1213ms)
  ✔ should set the key accordingly (1.1007ms)
  ✔ should ignore non-string keys (0.2465ms)
  ✔ should only call request.session.regenerate once if a function (1.5509ms)
  ✔ should call request.session.regenerate function if clearSessionOnLogin is false (0.399ms)
  ✔ should call request.session.regenerate function with all properties from session if keepSessionInfo is true (2.1838ms)
  ✔ should call request.session.regenerate function with default properties from session if keepSessionInfo is false (0.4417ms)
  ✔ should call session.set function if no regenerate function provided and keepSessionInfo is true (0.4102ms)
▶ SecureSessionManager (11.0964ms)
▶ @fastify/session tests
  ✔ should return 401 Unauthorized if not logged in (50.6231ms)
  ✔ should allow login, and add successMessage to session upon logged in (16.4839ms)
  ✔ should allow login, and add successMessage to the session from a strategy that sets it (11.7597ms)
  ✔ should throw error if pauseStream is being used (8.3439ms)
  ✔ should execute successFlash if logged in (9.801ms)
  ✔ should execute successFlash=true if logged in (10.0637ms)
  ✔ should return 200 if logged in and redirect to the successRedirect from options (8.2614ms)
  ✔ should return use assignProperty option (5.0932ms)
  ✔ should redirect to the returnTo set in the session upon login (10.1905ms)
  ✔ should return 200 if logged in and authInfo is true (5.8583ms)
  ✔ should return 200 if logged in against a running server (46.6125ms)
  ✔ should execute failureRedirect if failed to log in (5.3238ms)
  ✔ should add failureMessage to session if failed to log in (4.6088ms)
  ✔ should add failureFlash to session if failed to log in (9.8755ms)
  ✔ should add failureFlash=true to session if failed to log in (6.9124ms)
  ✔ should return 401 Unauthorized if not logged in when used as a handler (6.062ms)
  ✔ should redirect when used as a handler (5.6439ms)
  ✔ should not log the user in when passed a callback (3.5314ms)
  ✔ should allow registering strategies after creating routes referring to those strategies by name (4.1449ms)
▶ @fastify/session tests (232.8964ms)
▶ @fastify/secure-session tests
  ✔ should return 401 Unauthorized if not logged in (7.3431ms)
  ✔ should allow login, and add successMessage to session upon logged in (10.1731ms)
  ✔ should allow login, and add successMessage to the session from a strategy that sets it (4.4987ms)
  ✔ should throw error if pauseStream is being used (4.2194ms)
  ✔ should execute successFlash if logged in (4.2007ms)
  ✔ should execute successFlash=true if logged in (3.8913ms)
  ✔ should return 200 if logged in and redirect to the successRedirect from options (3.5043ms)
  ✔ should return use assignProperty option (4.6106ms)
  ✔ should redirect to the returnTo set in the session upon login (3.9081ms)
  ✔ should return 200 if logged in and authInfo is true (3.4487ms)
  ✔ should return 200 if logged in against a running server (8.4121ms)
  ✔ should execute failureRedirect if failed to log in (2.9131ms)
  ✔ should add failureMessage to session if failed to log in (3.7945ms)
  ✔ should add failureFlash to session if failed to log in (5.226ms)
  ✔ should add failureFlash=true to session if failed to log in (3.3195ms)
  ✔ should return 401 Unauthorized if not logged in when used as a handler (2.9762ms)
  ✔ should redirect when used as a handler (3.5241ms)
  ✔ should not log the user in when passed a callback (2.8863ms)
  ✔ should allow registering strategies after creating routes referring to those strategies by name (2.6737ms)
▶ @fastify/secure-session tests (86.526ms)
▶ @fastify/session tests
  ▶ multiple registered instances (clearSessionOnLogin: false)
    ✔ logging in with one instance should not log in the other instance (76.4197ms)
    ✖ simultaneous login should be possible (23.768ms)
      AssertionError [ERR_ASSERTION]: Expected values to be strictly equal:        

      401 !== 200

          at TestContext.<anonymous> (C:\dev\@foundry86\fastify-passport-original\test\multi-instance.test.ts:170:16)
          at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
          at async Test.run (node:internal/test_runner/test:857:9)
          at async Suite.processPendingSubtests (node:internal/test_runner/test:565:7) {
        generatedMessage: true,
        code: 'ERR_ASSERTION',
        actual: 401,
        expected: 200,
        operator: 'strictEqual'
      }

    ✖ logging out with one instance should not log out the other instance (20.0938ms)
      AssertionError [ERR_ASSERTION]: Expected values to be strictly equal:

      401 !== 200

          at TestContext.<anonymous> (C:\dev\@foundry86\fastify-passport-original\test\multi-instance.test.ts:208:16)
          at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
          at async Test.run (node:internal/test_runner/test:857:9)
          at async Suite.processPendingSubtests (node:internal/test_runner/test:565:7) {
        generatedMessage: true,
        code: 'ERR_ASSERTION',
        actual: 401,
        expected: 200,
        operator: 'strictEqual'
      }

    ✖ user objects from different instances should be different (12.464ms)
      AssertionError [ERR_ASSERTION]: Expected values to be strictly equal:

      401 !== 200

          at TestContext.<anonymous> (C:\dev\@foundry86\fastify-passport-original\test\multi-instance.test.ts:251:16)
          at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
          at async Test.run (node:internal/test_runner/test:857:9)
          at async Suite.processPendingSubtests (node:internal/test_runner/test:565:7) {
        generatedMessage: true,
        code: 'ERR_ASSERTION',
        actual: 401,
        expected: 200,
        operator: 'strictEqual'
      }

  ▶ multiple registered instances (clearSessionOnLogin: false) (134.3811ms)
  ▶ multiple registered instances (clearSessionOnLogin: true)
    ✔ logging in with one instance should not log in the other instance (14.7946ms)
    ✔ simultaneous login should NOT be possible (12.8486ms)
    ✔ logging out with one instance should log out the other instance (17.2051ms)
    ✔ user objects from different instances should be different (14.2036ms)
  ▶ multiple registered instances (clearSessionOnLogin: true) (59.5903ms)
▶ @fastify/session tests (195.1877ms)
▶ @fastify/secure-session tests
  ▶ multiple registered instances (clearSessionOnLogin: false)
    ✔ logging in with one instance should not log in the other instance (17.1388ms)
    ✖ simultaneous login should be possible (12.0604ms)
      AssertionError [ERR_ASSERTION]: Expected values to be strictly equal:

      401 !== 200

          at TestContext.<anonymous> (C:\dev\@foundry86\fastify-passport-original\test\multi-instance.test.ts:170:16)
          at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
          at async Test.run (node:internal/test_runner/test:857:9)
          at async Suite.processPendingSubtests (node:internal/test_runner/test:565:7) {
        generatedMessage: true,
        code: 'ERR_ASSERTION',
        actual: 401,
        expected: 200,
        operator: 'strictEqual'
      }

    ✖ logging out with one instance should not log out the other instance (10.8614ms)
      AssertionError [ERR_ASSERTION]: Expected values to be strictly equal:

      401 !== 200

          at TestContext.<anonymous> (C:\dev\@foundry86\fastify-passport-original\test\multi-instance.test.ts:208:16)
          at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
          at async Test.run (node:internal/test_runner/test:857:9)
          at async Suite.processPendingSubtests (node:internal/test_runner/test:565:7) {
        generatedMessage: true,
        code: 'ERR_ASSERTION',
        actual: 401,
        expected: 200,
        operator: 'strictEqual'
      }

    ✖ user objects from different instances should be different (9.81ms)
      AssertionError [ERR_ASSERTION]: Expected values to be strictly equal:

      401 !== 200

          at TestContext.<anonymous> (C:\dev\@foundry86\fastify-passport-original\test\multi-instance.test.ts:251:16)
          at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
          at async Test.run (node:internal/test_runner/test:857:9)
          at async Suite.processPendingSubtests (node:internal/test_runner/test:565:7) {
        generatedMessage: true,
        code: 'ERR_ASSERTION',
        actual: 401,
        expected: 200,
        operator: 'strictEqual'
      }

  ▶ multiple registered instances (clearSessionOnLogin: false) (50.4527ms)
  ▶ multiple registered instances (clearSessionOnLogin: true)
    ✔ logging in with one instance should not log in the other instance (8.5106ms)
    ✔ simultaneous login should NOT be possible (6.9692ms)
    ✔ logging out with one instance should log out the other instance (9.7774ms)
    ✔ user objects from different instances should be different (5.9967ms)
  ▶ multiple registered instances (clearSessionOnLogin: true) (31.5551ms)
▶ @fastify/secure-session tests (82.2797ms)
▶ @fastify/session tests
  ▶ .authorize
    ✔ should return 401 Unauthorized if not logged in (56.7286ms)
  ▶ .authorize (57.8011ms)
▶ @fastify/session tests (59.2591ms)
▶ @fastify/secure-session tests
  ▶ .authorize
    ✔ should return 401 Unauthorized if not logged in (7.0991ms)
  ▶ .authorize (7.2481ms)
▶ @fastify/secure-session tests (7.3891ms)
▶ @fastify/session tests
  ✔ should allow passing a specific Strategy instance to an authenticate call (20.775ms)
  ✔ should allow passing a multiple specific Strategy instances to an authenticate call (8.9405ms)
  ✔ should allow passing a mix of Strategy instances and strategy names (7.4856ms)
  ✔ should allow passing specific instances to an authorize call (8.1515ms)
  ✔ Strategy instances used during one authentication shouldn't be registered (1.5283ms)
▶ @fastify/session tests (47.3232ms)
▶ @fastify/secure-session tests
  ✔ should allow passing a specific Strategy instance to an authenticate call (14.3823ms)
  ✔ should allow passing a multiple specific Strategy instances to an authenticate call (6.6247ms)
  ✔ should allow passing a mix of Strategy instances and strategy names (6.6631ms)
  ✔ should allow passing specific instances to an authorize call (3.5648ms)
  ✔ Strategy instances used during one authentication shouldn't be registered (0.7518ms)
▶ @fastify/secure-session tests (32.4286ms)
▶ @fastify/session tests
  ▶ Request decorators
    ✔ logIn allows logging in an arbitrary user (54.6208ms)
    ﹣ logIn allows logging in an arbitrary user for the duration of the request if session=false (0.1542ms) # SKIP
    ✔ logIn allows logging in an arbitrary user for the duration of the request if session=false (389.318ms)
    ✔ should logout (7.7651ms)
  ▶ Request decorators (452.8155ms)
▶ @fastify/session tests (453.9615ms)
▶ @fastify/secure-session tests
  ▶ Request decorators
    ✔ logIn allows logging in an arbitrary user (5.0635ms)
    ✔ logIn allows logging in an arbitrary user for the duration of the request if session=false (3.9271ms)
    ﹣ logIn allows logging in an arbitrary user for the duration of the request if session=false (0.0945ms) # SKIP
    ✔ should logout (7.849ms)
  ▶ Request decorators (17.1371ms)
▶ @fastify/secure-session tests (17.2219ms)
▶ @fastify/session tests
  ▶ guard against fixation
    ✔ should renegerate csrf token on login (58.3109ms)
  ▶ guard against fixation (59.506ms)
▶ @fastify/session tests (60.7861ms)
▶ @fastify/secure-session tests
  ▶ guard against fixation
    ✔ should renegerate csrf token on login (20.7043ms)
  ▶ guard against fixation (20.9207ms)
▶ @fastify/secure-session tests (21.0701ms)
▶ @fastify/session tests
  ▶ .authorize
    ✔ should return 401 Unauthorized if not logged in (60.3004ms)
  ▶ .authorize (61.6211ms)
▶ @fastify/session tests (65.2836ms)
▶ @fastify/secure-session tests
  ▶ .authorize
    ✔ should return 401 Unauthorized if not logged in (10.4221ms)
  ▶ .authorize (10.6669ms)
▶ @fastify/secure-session tests (10.9092ms)
▶ Native ESM import
  ✔ should be able to use default export (142.176ms)
  ✔ should be able to use named export (124.5897ms)
▶ Native ESM import (269.0464ms)
ℹ tests 139
ℹ suites 41
ℹ pass 130
ℹ fail 6
ℹ cancelled 0
ℹ skipped 3
ℹ todo 0
ℹ duration_ms 6982.637

✖ failing tests:

test at test\multi-instance.test.ts:144:11
✖ simultaneous login should be possible (23.768ms)
  AssertionError [ERR_ASSERTION]: Expected values to be strictly equal:

  401 !== 200

      at TestContext.<anonymous> (C:\dev\@foundry86\fastify-passport-original\test\multi-instance.test.ts:170:16)
      at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
      at async Test.run (node:internal/test_runner/test:857:9)
      at async Suite.processPendingSubtests (node:internal/test_runner/test:565:7) {
    generatedMessage: true,
    code: 'ERR_ASSERTION',
    actual: 401,
    expected: 200,
    operator: 'strictEqual'
  }

test at test\multi-instance.test.ts:182:11
✖ logging out with one instance should not log out the other instance (20.0938ms)
  AssertionError [ERR_ASSERTION]: Expected values to be strictly equal:

  401 !== 200

      at TestContext.<anonymous> (C:\dev\@foundry86\fastify-passport-original\test\multi-instance.test.ts:208:16)
      at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
      at async Test.run (node:internal/test_runner/test:857:9)
      at async Suite.processPendingSubtests (node:internal/test_runner/test:565:7) {
    generatedMessage: true,
    code: 'ERR_ASSERTION',
    actual: 401,
    expected: 200,
    operator: 'strictEqual'
  }

test at test\multi-instance.test.ts:226:11
✖ user objects from different instances should be different (12.464ms)
  AssertionError [ERR_ASSERTION]: Expected values to be strictly equal:

  401 !== 200

      at TestContext.<anonymous> (C:\dev\@foundry86\fastify-passport-original\test\multi-instance.test.ts:251:16)
      at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
      at async Test.run (node:internal/test_runner/test:857:9)
      at async Suite.processPendingSubtests (node:internal/test_runner/test:565:7) {
    generatedMessage: true,
    code: 'ERR_ASSERTION',
    actual: 401,
    expected: 200,
    operator: 'strictEqual'
  }

test at test\multi-instance.test.ts:144:11
✖ simultaneous login should be possible (12.0604ms)
  AssertionError [ERR_ASSERTION]: Expected values to be strictly equal:

  401 !== 200

      at TestContext.<anonymous> (C:\dev\@foundry86\fastify-passport-original\test\multi-instance.test.ts:170:16)
      at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
      at async Test.run (node:internal/test_runner/test:857:9)
      at async Suite.processPendingSubtests (node:internal/test_runner/test:565:7) {
    generatedMessage: true,
    code: 'ERR_ASSERTION',
    actual: 401,
    expected: 200,
    operator: 'strictEqual'
  }

test at test\multi-instance.test.ts:182:11
✖ logging out with one instance should not log out the other instance (10.8614ms)
  AssertionError [ERR_ASSERTION]: Expected values to be strictly equal:

  401 !== 200

      at TestContext.<anonymous> (C:\dev\@foundry86\fastify-passport-original\test\multi-instance.test.ts:208:16)
      at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
      at async Test.run (node:internal/test_runner/test:857:9)
      at async Suite.processPendingSubtests (node:internal/test_runner/test:565:7) {
    generatedMessage: true,
    code: 'ERR_ASSERTION',
    actual: 401,
    expected: 200,
    operator: 'strictEqual'
  }

test at test\multi-instance.test.ts:226:11
✖ user objects from different instances should be different (9.81ms)
  AssertionError [ERR_ASSERTION]: Expected values to be strictly equal:

  401 !== 200

      at TestContext.<anonymous> (C:\dev\@foundry86\fastify-passport-original\test\multi-instance.test.ts:251:16)
      at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
      at async Test.run (node:internal/test_runner/test:857:9)
      at async Suite.processPendingSubtests (node:internal/test_runner/test:565:7) {
    generatedMessage: true,
    code: 'ERR_ASSERTION',
    actual: 401,
    expected: 200,
    operator: 'strictEqual'
  }
----------------------------|---------|----------|---------|---------|-----------------------------------------------------------------
File                        | % Stmts | % Branch | % Funcs | % Lines | Uncovered Line #s
----------------------------|---------|----------|---------|---------|-----------------------------------------------------------------
All files                   |   95.09 |    89.37 |   93.44 |   95.09 |                                                                 
 src                        |   94.44 |    87.39 |   94.28 |   94.44 | 
  AuthenticationRoute.ts    |   91.77 |    84.81 |     100 |   91.77 | 102-103,241-242,271-285,300-301,308-309,312-313,360-361,368-371
  Authenticator.ts          |   97.79 |    91.42 |   93.33 |   97.79 | 212-213,273-274,327-328,355-356
  CreateInitializePlugin.ts |     100 |      100 |     100 |     100 | 
  errors.ts                 |      50 |      100 |       0 |      50 | 5-11
  index.ts                  |     100 |      100 |     100 |     100 | 
  type-extensions.ts        |     100 |      100 |     100 |     100 | 
 src/decorators             |      90 |    85.71 |    87.5 |      90 | 
  index.ts                  |     100 |      100 |     100 |     100 | 
  is-authenticated.ts       |     100 |      100 |     100 |     100 |
  is-unauthenticated.ts     |      40 |      100 |       0 |      40 | 3-5
  login.ts                  |   90.19 |    66.66 |     100 |   90.19 | 36-37,47-49
  logout.ts                 |     100 |      100 |     100 |     100 |
 src/session-managers       |   93.75 |     87.5 |     100 |   93.75 |
  SecureSessionManager.ts   |   93.75 |     87.5 |     100 |   93.75 | 61-65
 src/strategies             |   97.48 |    88.88 |      75 |   97.48 |
  SessionStrategy.ts        |   96.77 |    88.23 |     100 |   96.77 | 37-38
  base.ts                   |    97.8 |      100 |      50 |    97.8 | 21-22
  index.ts                  |     100 |      100 |     100 |     100 |
 test                       |     100 |      100 |     100 |     100 |
  helpers.ts                |     100 |      100 |     100 |     100 |
----------------------------|---------|----------|---------|---------|-----------------------------------------------------------------
error Command failed with exit code 1.

In addition, I noticed what appears to be an error in authorize.test.ts where the test description does not match the assertion: -

const testSuite = (sessionPluginName: string) => {
  describe(`${sessionPluginName} tests`, () => {
    describe('.authorize', () => {
      test(`should return 401 Unauthorized if not logged in`, async () => {
        const { server, fastifyPassport } = getConfiguredTestServer()
        fastifyPassport.use(new TestThirdPartyStrategy('third-party'))
        expectType<RouteHandlerMethod>(fastifyPassport.authorize('third-party'))
        server.get('/', { preValidation: fastifyPassport.authorize('third-party') }, async (request) => {
          const user = request.user as any
          assert.ifError(user)
          const account = request.account as any
          assert.ok(account.id)
          assert.strictEqual(account.name, 'test')

          return 'it worked'
        })

        const response = await server.inject({ method: 'GET', url: '/' })
        assert.strictEqual(response.statusCode, 200)
      })
    })
  })
}

Shouldn't assert.strictEqual(response.statusCode, 200) be assert.strictEqual(response.statusCode, 401) or the description of should return 401 Unauthorized if not logged in is wrong? This test passes because the response code is indeed 200.

mcollina commented 3 weeks ago

We do not use yarn. We use npm and its own lock file. Tests are passing with the dependencies in said lock file, I guess yarn is doing something funky.

We haven't updated a few dependencies yet: https://github.com/fastify/fastify-passport/pulls.